public Setup() { RegularUserId = HttpHostFixture.GetUserId("paul"); ManagerUserId = HttpHostFixture.GetUserId("manager"); AdminUserId = HttpHostFixture.GetUserId("admin"); AuthorizationToken = HttpHostFixture.GetTokenFor("manager", "manager123$"); }
public void User_is_forbidden_to_access_meals_of_others() { var userId = HttpHostFixture.GetUserId("paul"); var token = HttpHostFixture.GetTokenFor("saul", "saul123$"); var request = new HttpRequestMessage(HttpMethod.Get, new Uri(HttpHostFixture.UrlBase + $"/users/{userId}/meals")); HttpHostFixture.AppendAuthentication(request, token); var result = HttpHostFixture.HttpClient.SendAsync(request).Result; Assert.Equal(HttpStatusCode.Forbidden, result.StatusCode); }
public void Administrator_can_access_meals_of_every_user() { var userId = HttpHostFixture.GetUserId("saul"); var token = HttpHostFixture.GetTokenFor("admin", "admin123$"); var request = new HttpRequestMessage(HttpMethod.Get, new Uri(HttpHostFixture.UrlBase + $"/users/{userId}/meals")); HttpHostFixture.AppendAuthentication(request, token); var result = HttpHostFixture.HttpClient.SendAsync(request).Result; Assert.Equal(HttpStatusCode.OK, result.StatusCode); }
public Setup() { RegularUserId = HttpHostFixture.GetUserId("paul"); AuthorizationToken = HttpHostFixture.GetTokenFor("admin", "admin123$"); }